Mobile Security—How Secure Are Your Mobile Devices, Actually?

Whether it’s searching embarrassing symptoms or letting curiosity win and checking out the latest photo leak, we all get up to some questionable things online from time to time—things we wouldn’t want our boss or maybe even friends to know. We aren’t ones to judge, but if you think that in this day-in-age you’re just as safe (or safer) doing all that on your smartphone as your PC, you might want to reconsider.

For example, a recent study examining 10,000 mobile devices in the UK and the US, showed that 40 of the 50 top porn sites were susceptible to software that may harm your phone badly. Another security report issued by Nokia in March 2017, revealed a new all-time high in mobile device infection rates—a stunning 400 percent increase over last year!

Spyware that exposes your text messages, contact lists, GPS coordinates and other data that you’d rather kept to yourself, hits both Android and iOS-run devices. Yet another sort of malicious software threatening your mobile security is the one that may brick your phone dead until you pay the ransom—just like the nefarious WannaCry which compromised a boatload of PCs earlier this year. This kind of threat is getting more intense because you no longer have to be a skilled cyber-criminal to create malware—yep, they have an app for that, too!

Don’t be naïve though—mobile malware isn’t some sudden retaliation for watching porn or clicking ridiculous content advertisements. Most of the time you are installing it yourself along with your apps (or even in fake system updates, like this one)!

What Google Says About Mobile Security Risk

According to Android Security Chief, less than 0.001 percent of Android apps ’cause harm and evade runtime defenses’. So, does this mean Android is practically invincible? Not quite. First of all, these numbers are based on Google’s (the Android’s creator, ICYDK) data solely. Google can only obtain such information from the “Verify App” feature. If you don’t use it, you’re not included in these statistics—so that percentage is woefully misleading Plus, we also must consider that Google doesn’t provide information on how many apps in the store appeared to be infected to the independent researchers. We just have to take the company’s word for it.

They Can’t Bite Into your Apple. Or Can They?

OK, so Android safety is doubtful, but what about iOS? We’ve all heard that all things Mac are virus-proof, but is your iPhone under lock and key? Apple fans’ first argument would be that iOS, unlike Android, is a closed system. One may assume quite another reason, though. What makes the iOS devices safer than the ones that run Android is quite obvious: a market share. Out of the total amount of mobile devices, 85% are Android-powered and only 14,7% run iOS. Which means, 85% of hackers’ efforts are precisely focused on Android, whereas iOS luckily picks up the scraps. iPhones are not without chinks in the armor, however. Here’s a 25-page long list of iPhone’s vulnerabilities.

Shared Insecurity

One good thing about the smartphone exploiters is that they believe we’re all equal—whether you boast a new iPhone or use a humble Android-run smartie, you have one thing in common: your phone can be compromised. So let’s zero in on how the bad (and also good) guys run shady operations through your devices without you having a clue.

Fake apps. Yep, not only are the news fake nowadays. Half of the top-50 apps in Google Play have evil twins, the Economist says. Hackers mimic popular applications, tweaking their names a bit (like, “MyGoogleTranslate” instead of “Google Translate”) to lure you into installing them. Then they steal your data or even mine cryptocurrency with your phone! Now, as Black Friday and X-mas madness are coming, we may also see the rise of the fake shopping apps that steal your credit card numbers. Apple’s App Store survived an infestation with hundreds of them the last year!

Malvertising. This summer, the conspiracy theories-themed site visitors (instant tip: Don’t be one!) got their Android-run phones infested with an unremovable app showing annoying ads. The app’s installation was triggered by clicking on fake ads posted on the abovementioned site. An even more curious event befell iPhone users. A fake advert posing as an iOS update tricked users into . . . physically destroying their phones! (The story in a nutshell: The hoax ad promised to make your iPhone waterproof.)

Sometimes, though, even the good guys can do you bad!

Sensitive info stealing. Even totally legitimate Android and iOS apps may sell your private data. Actually, here’s an article claiming that 7 out of 10 apps do it. This applies in particular to health apps, because your health info is a treasure (for insurance companies among others).

GPS tracking. This summer, iPhone users freaked out after finding that a popular iOS app was selling their location data to the third parties. It’s especially ironic, taking into account that some two years earlier Apple’s Tim Cook roasted Google for selling users’ GPS info to advertisers!

So you understand the risk. Now, let’s look at some popular mobile security facts and tips.

Mobile Security FAQ

Can I be totally safe by switching from smartphone to an old push-button cell phone?

Well, it’s definitely much safer to use an old “dumb” flip-phone without an internet connection. But it’s not totally safe. Even those old “candy-bars” have code in them—and any code can be broken into.

What is the most advanced way to protect my smartphone?

One of the recent hypes in the tech world is biometric security. Applied to smartphones, this means user authentication by fingerprint, face, or even by cardiogram. It can be used to unlock your phone and authorize payments. Biometric security is extremely hard to hack; however, it has its pros and cons.

Does installing only the paid apps guarantee 100% security?
It’s definitely safer to install paid VPNs and anti-viruses. On the other hand, it’s not a rule of thumb. While there are trusted and totally free apps like StopAd (Microsoft certified), there are some hidden catches in many paid applications as well.

How to Really Protect Your Mobile Security

So what can you do in order to ensure full mobile safety? Locking your devices in the microwave and putting a tin-foil hat on are the only ways to be totally secure. There are less radical ways though.

We hate to break it to you, but you better stop browsing adult sites on your phone.

Install apps only from authorised markets and credible developers.

Update your operating system regularly to make sure all the flaws are patched.

Do not root your phone.

Remove any apps you’re not using. Every app is a potential problem—the fewer you have, the safer you’ll be.

Next time you’re about to click “install”, be sure to think twice. Consider what exactly does that application require permission for? Your mic, camera, media files, bank account, etc.? In other words, don’t be a dupe—the human factor is the main vulnerability exploited against you both in PC and mobile realm (as well as IRL, BTW.)

Read the terms of use for goodness sake! At least jump around in the text searching for the words like “third parties”, “data”, “behavior” and the like to make sure you aren’t willingly allowing the app to sell your sensitive info.

To avoid being tracked, iPhone users may disable the “Find My iPhone” function (this way it isn’t possible to track your device—even if it’s stolen). Users may also enable apps using GPS only when they’re active (you can do this in the apps’ settings).

Last but not least, security is an integral part of comfort. StopAd’s Android version has most everything StopAd desktop boasts—it blocks all the ads on your device. If you use an iOS-run device, you may want get started and try StopAd for Safari.